Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1061
Views
0
Helpful
1
Replies

ASA5506 Spanning Tree Protocol problem

petsoft.eu
Level 1
Level 1

‎07-21-2017 09:26 AM - edited ‎02-21-2020 06:12 AM

Hi
When I have boot system disk0:/asa961-lfbff-k8.SPA on ASA5506 and
setup:
access-list ERTHER ethertype deny bpdu
access-group ERTHER in interface outside
access-group ERTHER in interface inside
my ASA do not populate Spanning Tree Protocol to the router. Every thing work well.
After upgrade to:
boot system disk0:/asa981-lfbff-k8.SPA
Spanning Tree Protocol block router port under Spanning Tree attack.
Setup "ethertype deny bpdu" does not work any more.
Where is the problem ??
Labels:
0 Helpful
1 Reply 1

Dennis Mink
VIP Alumni
VIP Alumni

‎03-12-2018 03:52 AM

how did you configure the port on the router, connecting the asa?  as a trunk port running stp? if so the router will send bpdu's so the asa will shit the port.

 

if you have layer3 interfaces towards the router, then dont worry about spanning tree.

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card